Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4400
A vulnerability was found in zbl1996 FS-Blog and classified as problematic. This issue affects some unknown processing of the component Title Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerabi...
Fs-blog Project Fs-blog -
4.3
CVSSv2
CVE-2022-27174
Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and previous versions allows a remote unauthenticated malicious user to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page.
Easy Blog Project Easy Blog
7.5
CVSSv2
CVE-2008-3306
SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained ...
Youtube Blog Youtube Blog 0.1
1 EDB exploit
7.5
CVSSv2
CVE-2017-15539
SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.
Zorovavi\\/blog Project Zorovavi\\/blog
NA
CVE-2023-1937
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to...
My-blog Project My-blog -
7.5
CVSSv2
CVE-2008-2554
Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.
Bp Blog Bp Blog 6.0
1 EDB exploit
4.3
CVSSv2
CVE-2006-0333
Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) month or (2) year parameter to index.php.
Ar-blog Ar-blog 5.2
7.5
CVSSv2
CVE-2006-4202
SQL injection vulnerability in proje_goster.php in Spidey Blog Script 1.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Spidey Blog Spidey Blog Script
2 EDB exploits
7.5
CVSSv2
CVE-2010-4917
SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote malicious users to execute arbitrary SQL commands via the words parameter.
A-blog A-blog 2.0
1 EDB exploit
6.8
CVSSv2
CVE-2006-2809
Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) count parameter, and possibly the (2) next, (3) Year_the_news, and (4) mo parameters. NOTE: the year and month vectors a...
Ar-blog Ar-blog 5.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »